Privacy and security news, 2/28/2021
Updated: Mar 5
Solarwinds continues to make news: The SolarWinds Body Count Now Includes NASA and the FAA They’re also identifying scapegoats SolarWinds Officials Throw Intern Under the Bus for ‘solarwinds123’ Password Fail with Microsoft: We've open-sourced this tool we used to hunt for code by SolarWinds hackers so we’ll even find more victims!
As is to be expected when growth is more important than security Clubhouse’s security and privacy lag behind its explosive growth and as also expected Clubhouse vows to fix its platform after tool enabled audio chat leaks In an interesting discussion Clubhouse illuminates the stark cultural divide between journalists and tech people
And here’s another expected event: Twitter’s new hacking label has already been hacked
Not content to just use their skills themselves, Cybercrime groups are selling their hacking skills. Some countries are buying
And here’s what we get when attack is more important than defense: Chinese Hackers Reportedly Wielded a Stolen NSA Cyber Weapon for Years
The never-ending news about attack method advances
It’s good to hear that Apple Takes Action Against Silver Sparrow Malware Discovered on 30K Infected Macs but isn’t it a bit late?
In this space too, privacy invading technology appears to advance faster than privacy preserving technology. The latter is just not as profitable!
It appears that security and privacy don’t always go together: Security researcher recommends against LastPass after detailing 7 trackers
As privacy violations become more apparent, their penalties are going up! TikTok will pay $92 million to settle class-action data harvesting lawsuit and Judge approves $650 million Facebook privacy settlement over facial recognition feature and that applies just to users in Illinois!
As we’ve seen above The Best Law You’ve Never Heard Of is starting to have effect! It’s not all or nothing as One State Managed to Actually Write Rules on Facial Recognition
In major steps, Federal judge rules that California can enforce its net neutrality law as